Many services, such as some services accessible via Hyper-Text Transfer Protocol (HTTP), File Transfer Protocol (FTP) and other protocols, may be remotely accessed. In order to be remotely accessible, such services may be tagged as remote callable services. There exist different technologies, e.g. Remote Method Invocation (RMI), Common Object Request Broker Architecture (CORBA), Remote Function Call (RFC), to enable services, implemented in different languages, e.g. JAVA, C, C++, ABAP, etc., to be called remotely. One of the security issues which arises in some situations with remote services is that due to the remote accessibility, those services could be called from anywhere whenever network connectivity to the remote service can be established. This may present security risks where accessibility to some services should be restricted to certain programs or users.
In a system containing several services, e.g. payment, salary, order entry, shopping cart, product availability check, credit card authorization, etc., only some of the services may be accessible to any client (such as a shopping cart service), while other services (e.g., credit card authorization service, product or inventory check for a requested item, or other administrative services) should be accessible only to a subset of other programs or users.